Widget Signature Issue - DSA-SHA256 may not be good algorithm choice

I would like to raise an issue related to Widget Requirement R46 which  
specifies DSA Signature [1] and the Widgets 1.0 Digital Signature  
editors draft [2] that requires DSA-SHA256 since this may not be a  
good algorithm choice.

One concern is availability of implementations,  a question that was  
raised on today's Web Applications teleconference.

I have a comment below from Brian LaMacchia, a  member of the XML  
Security WG, that notes the issue.

Much thanks Brian for noting this issue and expressing it clearly.

regards, Frederick

Frederick Hirsch

[1] http://dev.w3.org/2006/waf/widgets-reqs/#r46.-

[2] http://dev.w3.org/2006/waf/widgets-digsig/#digital

Begin forwarded message:

> From: "ext Brian LaMacchia" <bal@exchange.microsoft.com>
> Date: January 8, 2009 12:23:09 PM EST
> To: Frederick Hirsch <frederick.hirsch@nokia.com>
> Subject: RE: DSA-SHA-256?
> No, my comment (I think) was that I was quite surprised by the  
> Widget folks choosing DSA-SHA256 as the mandatory-to-implement  
> signature alg, because (a) it's not a standard yet (until FIPS 186-3  
> comes out), (b) there are no widely-deployed implementations today,  
> and (c) I don't see any other standard org going in that direction.   
> Everyone is moving to ECDSA-SHA256 (if anything) -- that's what the  
> US Government is moving towards with the Suite B set of algorithms,  
> that's what we're moving to in 1.1, etc.
> SHA-1 is dying, so Widget clearly needs to use at least SHA-256.   
> But I would have expected them to go for ECDSA-SHA256 or (perhaps)  
> RSA-SHA256, but for small devices like cellphones ECDSA-SHA256 would  
> make more sense.
> Hope that helps,
> 					--bal

Received on Thursday, 8 January 2009 17:51:52 UTC